Comodo Firewall: An intelligent way to protect against application attacks

More security tools Visit our resource center for news, tips and expert advice on the latest open source tools. Check out our Information Security IT Downloads section and review other freeware tools.

When it comes to firewalls, I am a belt-and-suspenders guy. Although I run a network firewall appliance, I want my PCs to have a personal firewall installed too. Mac and Linux machines come equipped with decent personal firewalls, but Windows is another story. Since Windows XP's free firewall doesn't thoroughly inspect suspicious outbound traffic, I relied on Sygate's products. But when Symantec bought the firm and virtually removed the product from the market, I was left to search for a solid replacement. It was during my search that I found the Comodo Firewall.

While Comodo Group offers both commercial and freeware products, it insists that Comodo Firewall is truly free for private and professional/commercial use.

So why is this product a solid choice for an application-aware firewall? Well, for starters, it has a well-designed interface and has cleverly concealed embedded intelligence. Once installed, for example, its built-in application database recognizes over 10,000 programs, which means that you don't have to train the firewall for each "safe" application, and you won't get hammered with dialog boxes. It also puts ports and protocols into "stealth" mode, hiding them from outside probes.

Comodo Firewall will continually check active applications and their communications and will filter at the OSI Layers 3, 4, 5, 6 and 7 while watching each application. You can customize the firewall so it filters down to the number of connections per minute that an application is allowed.

If suspicious activity is detected, color-coded communication alerts indicate the assumed level of security risk, providing information about the specific applications that are communicating via which ports, and addresses are sent to users. Rules can also be customized to allow or deny specific applications and ports, allowing the order of rule execution to be easily adjusted up or down the firewall ruleset stack.

Comodo Firewall has strong integrity protection mechanisms, is virtually impossible to disarm, and protects itself, its registry entries and the ruleset from tampering by viruses, worms and other malware.

Comodo Firewall is a solid choice for an application firewall; the application is continually updated, requests for assistance in its forums are quick, it has good application intelligence and provides well-balanced user configurability with ease-of-use.

About the Author:
Scott Sidel is an ISSO with Lockheed Martin.

Read Sidel's previous edition -- KeePass: Keeping passwords under lock and key

Can't wait for next month's installment? Check out SearchSecurity.com's Information Security IT Downloads section, and learn what other valuable security freeware solutions are available.

Rate this Tip To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member. BROWSE BY TAG Application and Platform Security,   Application Firewall Security,   Open Source Security Tools and Applications,   Scott Sidel's Downloads,   VIEW ALL TAGS Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Application Firewall Security Web application firewall use goes beyond compliance, company finds Best Application Security Products Common PCI questions: Web application firewalls or source code review? IT pros find corporate firewall rules tough to navigate PCI compliance requirement 1: Firewalls Comparing an application proxy firewall and a gateway server firewall Citrix virtual desktop, app delivery controller includes security benefits How to choose between source code reviews or Web application firewalls Check Point adds virtual firewall appliance Web application firewall deployments gain traction Open Source Security Tools and Applications Screencast: Find rogue wireless acess points with Vistumbler Screencasts: On-screen demonstrations of security tools H.D. Moore on future of Metasploit attack platform H.D. Moore speaks about Metasploit Project deal, Release 3.3 Screencast: How to launch an OpenVAS scan Could Metasploit popularity erode? Metasploit Project acquired by vulnerability management firm Rapid7 SSH key compromise shuts down Apache website Screencast: Smoothwall offers firewall defense in lean times Screencast: Samurai offers pen-testing nirvana Scott Sidel's Downloads Use BotHunter for botnet detection Review system event logs with Splunk FISMA compliance made easier with OpenFISMA Ophcrack: Password cracking made easy Enigmail: Wrapping email in a digital security blanket Secure file copying with WinSCP FreeRADIUS: Acing a secure connection Spiceworks: Free network monitoring and management with a little zest VirusTotal: On-demand antivirus service scans malicious files Shining a spotlight on rootkits RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Blowfish  (SearchSecurity.com) Kermit  (SearchSecurity.com) Open Source Hardening Project  (SearchSecurity.com) SnortSnarf  (SearchSecurity.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.